CVE-2024-35948

HIGH

Linux Kernel 6.7-6.9 - Uncontrolled Resource Consumption in Superblock Validation

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: bcachefs: Check for journal entries overruning end of sb clean section Fix a missing bounds check in superblock validation. Note that we don't yet have repair code for this case - repair code for individual items is generally low priority, since the whole superblock is checksummed, validated prior to write, and we have backups.

References (1)

Core 1

Core References

Patch

https://git.kernel.org/stable/c/fcdbc1d7a4b638e5d5668de461f320386f3002aa

Scores

CVSS v3 8.4

EPSS 0.0023

EPSS Percentile 13.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-400

Status published

Products (6)

Linux/Linux < 6.7

Linux/Linux 1c6fdbd8f2465ddfb73a01ec620cbf3d14044e1a - fcdbc1d7a4b638e5d5668de461f320386f3002aa

Linux/Linux 6.7

Linux/Linux 6.9

linux/linux_kernel 6.9 rc1 (5 CPE variants)

linux/linux_kernel 6.7 - 6.9

Published May 20, 2024

Tracked Since Feb 18, 2026